This document provides details on how ClubRunner has made improvements to help organizations become GDPR ready. We’ll cover each area that changed or has enhanced functionality to comply with these changes. More information about GDPR itself can be found here.
Data Entry by Guests
ClubRunner requires affirmative consent when data is entered by guests (visitors who are not logged in ) to the website. We’ll cover each of the areas and show how this consent is collected.
Event Planner – registering guests
In the Event Planner module registrants will need to provide consent for each guest record entered in addition to their own before registration can be completed.
MyEventRunner – registering as a non-member
In MyEventRunner non-members need to provide their consent for their own registration and their guests.
Volunteer Sign Up – for non-members
When guests are signing up to volunteer they must also provide their consent to complete their signup.
Both the Built in Contact forms and contact form widgets require consent before allowing the email to be sent.
Built In Contact Forms
Contact Form Widgets
When signing up to be a subscriber to the Bulletin potential subscribers will be required to confirm consent before saving their information.
Data Entry by Members & Administration Staff
Consent is also required when your membership or staff store contact details in the various modules of ClubRunner.
When adding new Other Users, members or staff will be required to confirm consent before saving the form.
Members of the organization are not required to provide consent to register themselves. If a staff member registers other members within the organization they are also not required to provide consent.
Consent is required for guests when members or staff are registering on their behalf.
Members are not required to provide consent if the login form is available and used. Otherwise if the registrant is not a member MyEventRunner will prompt for consent.
Member without logging in:
Member while logged in:
If a member or staff member are registering guests on their behalf the consent boxes will be shown.
If the event contact for MyEventRunner is a non-member, this requires consent.
When adding a single new contact or importing contacts you’ll need to acknowledge that you have their consent to proceed.
Single New Contact:
Friends of the Club
When members or staff add new Friends they’ll be prompted to confirm that they have consent before it can be saved.
When staff adds a new Sponsor they’ll be prompted to confirm that they have consent before it can be saved.
Volunteer Sign Up
If a member or staff member registers a guest consent will be required to save the signup.
When a staff member in the organiztion adds a new bulletin subscriber they will be required to provide consent before saving.
When a staff member is adding a new speaker they will be required to provide consent before saving.
When adding meeting guests in the attendance module, consent will be required before it can be saved.
Part of the GDPR changes is providing notice that consent was received to store the information. When contact data is stored for the first time about an individual they will receive an email letting them know that some information was stored based on their approved consent.
Below is an example of the email they will receive.
Should your organization receive a request to remove contact details from a non-member, we’ve added a tool to help find and remove this data. This will ensure that the requestor’s data has been removed except in cases where the organization has a “lawful basis” to retain the information. An example of a “lawful basis” would be data related to financial transactions in modules like MyEventRunner or Event Planner.